hacktricks/pentesting-web/integer-overflow.md
2023-06-03 13:10:46 +00:00

4.5 KiB

Débordement d'entier

☁️ HackTricks Cloud ☁️ -🐦 Twitter 🐦 - 🎙️ Twitch 🎙️ - 🎥 Youtube 🎥

{% tabs %} {% tab title="Rust" %}

fn main() {

    let mut quantity = 2147483647;
    
    let (mul_result, _) = i32::overflowing_mul(32767, quantity);
    let (add_result, _) = i32::overflowing_add(1, quantity);
    
    println!("{}", mul_result);
    println!("{}", add_result);
}

{% endtab %}

{% tab title="Python" %}

import struct

def int_overflow(val):
    return struct.pack('q', val + (1 << 63))[:8]
print(int_overflow(9223372036854775807))

Output:

b'\xff\xff\xff\xff\xff\xff\xff\x7f'

{% endtab %} {% endtabs %}

References

#include <stdio.h>
#include <limits.h>

int main() {
    int a = INT_MAX;
    int b = 0;
    int c = 0;
    
    b = a * 100;
    c = a + 1;
    
    printf("%d\n", INT_MAX);
    printf("%d\n", b);
    printf("%d\n", c);
    return 0;
}

{% endtab %} {% endtabs %}

☁️ HackTricks Cloud ☁️ -🐦 Twitter 🐦 - 🎙️ Twitch 🎙️ - 🎥 Youtube 🎥